gitolite/contrib/adc/get-rights-and-owner.in-perl
2011-02-21 21:25:43 +05:30

53 lines
1.8 KiB
Perl
Executable file

#!/usr/bin/perl
use strict;
use warnings;
die "ENV GL_RC not set\n" unless $ENV{GL_RC};
die "ENV GL_BINDIR not set\n" unless $ENV{GL_BINDIR};
unshift @INC, $ENV{GL_BINDIR};
require gitolite or die "parse gitolite.pm failed\n";
gitolite->import;
# get the repo name
my $repo = shift;
$repo =~ s/\.git$//;
# IMPORTANT NOTE: to do any of this inside a hook, you should just use
# $ENV{GL_REPO}, since it's guaranteed to be set to the right value
# to do a "level 1" check (repo level -- not branch level), do this:
my ($perm, $creator) = check_access($repo);
# you can pass in any repo name you wish instead of the active repo
# the first return value looks like one of these, so you can just check for
# the presence of "R" or "W" and be done:
# _____R___W_
# _____R_____
# ___________
# The second value is "<gitolite>" for a normal repo, an actual username for
# a wildrepo, or "<notfound>" for a non-existent repo.
# to do a "level 2" check (branches), do something like this
my $ret = check_access($repo, 'refs/heads/foo', 'W', 1);
# the 2nd argument must be a *full* refname (i.e., not "master", but
# "refs/heads/master"). The 3rd argument is one of W, +, C, or D. The 4th
# argument should be any non-false perl value, like 1.
# the return value may look like this:
# refs/.*
# or perhaps this, if you were denied
# DENIED by fallthru
# NOTE: do NOT pass "R" as the 3rd argument. It will seem to work because
# you're merely testing the permissions in this code, but an *actual* "git
# fetch" for even a DENIED ref will succeed if the user has read access to at
# least one branch. This is because the information on what ref is being read
# is not made available externally in any useful way (the way the "update"
# hook gets its arguments when a push happens).